Details
Description
A POST request to a Docker repository at endpoint /v2/*/blobs/uploads/ may result in a ConcurrentModificationException and 500 HTTP status code response.
request.log
172.20.9.5 - user [12/Jun/2017:07:15:59 -0700] "POST /repository/docker-internal/v2/twistlock/blobs/uploads/ HTTP/1.1" 500 65 31 "docker/17.06.0-ce-rc2 go/go1.8.3 git-commit/402dd4a kernel/4.9.30-moby os/linux arch/amd64 UpstreamClient(Docker-Client/17.06.0-ce-rc2 (darwin))"
nexus.log:
2017-06-12 07:15:59,523-0700 WARN [qtp659463480-1838] user org.sonatype.nexus.repository.docker.internal.V2Handlers - Error: POST /v2/twistlock/blobs/uploads/ java.util.ConcurrentModificationException: null at java.util.ArrayList$ArrayListSpliterator.forEachRemaining(Unknown Source) [na:1.8.0_102] at java.util.stream.AbstractPipeline.copyInto(Unknown Source) [na:1.8.0_102] at java.util.stream.AbstractPipeline.wrapAndCopyInto(Unknown Source) [na:1.8.0_102] at java.util.stream.ReduceOps$ReduceOp.evaluateSequential(Unknown Source) [na:1.8.0_102] at java.util.stream.AbstractPipeline.evaluate(Unknown Source) [na:1.8.0_102] at java.util.stream.ReferencePipeline.collect(Unknown Source) [na:1.8.0_102] at org.sonatype.nexus.repository.docker.internal.UploadManager.getUploadsByName(UploadManager.java:120) [na:na] at org.sonatype.nexus.repository.docker.internal.UploadManager.startUpload(UploadManager.java:63) [na:na] at org.sonatype.nexus.repository.docker.internal.DockerHostedFacetImpl.beginBlobUpload(DockerHostedFacetImpl.java:549) [na:na] at org.sonatype.nexus.repository.docker.internal.DockerHostedFacet$beginBlobUpload$1.call(Unknown Source) [na:na] at org.sonatype.nexus.repository.docker.internal.V2Handlers$_closure3.doCall(V2Handlers.groovy:100) [na:na] at sun.reflect.GeneratedMethodAccessor453.invoke(Unknown Source) [na:na] at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source) [na:1.8.0_102] at java.lang.reflect.Method.invoke(Unknown Source) [na:1.8.0_102] at org.codehaus.groovy.reflection.CachedMethod.invoke(CachedMethod.java:93) [na:na] at groovy.lang.MetaMethod.doMethodInvoke(MetaMethod.java:325) [na:na] at org.codehaus.groovy.runtime.metaclass.ClosureMetaClass.invokeMethod(ClosureMetaClass.java:294) [na:na] at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1024) [na:na] at groovy.lang.Closure.call(Closure.java:414) [groovy-all:2.4.7] at org.codehaus.groovy.runtime.ConvertedClosure.invokeCustom(ConvertedClosure.java:54) [groovy-all:2.4.7] at org.codehaus.groovy.runtime.ConversionHandler.invoke(ConversionHandler.java:124) [groovy-all:2.4.7] at com.sun.proxy.$Proxy132.handle(Unknown Source) [org.sonatype.nexus.repository:3.2.1.01] at org.sonatype.nexus.repository.view.Context.proceed(Context.java:80) [org.sonatype.nexus.repository:3.2.1.01] at org.sonatype.nexus.repository.storage.UnitOfWorkHandler.handle(UnitOfWorkHandler.java:39) [org.sonatype.nexus.repository:3.2.1.01] at org.sonatype.nexus.repository.view.Context.proceed(Context.java:80) [org.sonatype.nexus.repository:3.2.1.01] at org.sonatype.nexus.repository.security.SecurityHandler.handle(SecurityHandler.java:52) [org.sonatype.nexus.repository:3.2.1.01] at org.sonatype.nexus.repository.view.Context.proceed(Context.java:80) [org.sonatype.nexus.repository:3.2.1.01] at org.sonatype.nexus.repository.view.Context$proceed.call(Unknown Source) [!/:na] at org.sonatype.nexus.repository.docker.internal.V2Handlers$_closure18.doCall(V2Handlers.groovy:283) [na:na] at sun.reflect.GeneratedMethodAccessor445.invoke(Unknown Source) [na:na] at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source) [na:1.8.0_102] at java.lang.reflect.Method.invoke(Unknown Source) [na:1.8.0_102] at org.codehaus.groovy.reflection.CachedMethod.invoke(CachedMethod.java:93) [na:na] at groovy.lang.MetaMethod.doMethodInvoke(MetaMethod.java:325) [na:na] at org.codehaus.groovy.runtime.metaclass.ClosureMetaClass.invokeMethod(ClosureMetaClass.java:294) [na:na] at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1024) [na:na] at groovy.lang.Closure.call(Closure.java:414) [groovy-all:2.4.7] at org.codehaus.groovy.runtime.ConvertedClosure.invokeCustom(ConvertedClosure.java:54) [groovy-all:2.4.7] at org.codehaus.groovy.runtime.ConversionHandler.invoke(ConversionHandler.java:124) [groovy-all:2.4.7] at com.sun.proxy.$Proxy132.handle(Unknown Source) [org.sonatype.nexus.repository:3.2.1.01] at org.sonatype.nexus.repository.view.Context.proceed(Context.java:80) [org.sonatype.nexus.repository:3.2.1.01] at org.sonatype.nexus.repository.view.Context$proceed.call(Unknown Source) [!/:na] at org.sonatype.nexus.repository.docker.internal.V2Handlers$_closure1.doCall(V2Handlers.groovy:77) [com.sonatype.nexus.plugins.nexus-repository-docker:3.2.1.01] at sun.reflect.GeneratedMethodAccessor444.invoke(Unknown Source) [na:na] at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source) [na:1.8.0_102] at java.lang.reflect.Method.invoke(Unknown Source) [na:1.8.0_102] at org.codehaus.groovy.reflection.CachedMethod.invoke(CachedMethod.java:93) [na:na] at groovy.lang.MetaMethod.doMethodInvoke(MetaMethod.java:325) [na:na] at org.codehaus.groovy.runtime.metaclass.ClosureMetaClass.invokeMethod(ClosureMetaClass.java:294) [na:na] at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1024) [na:na] at groovy.lang.Closure.call(Closure.java:414) [groovy-all:2.4.7] at org.codehaus.groovy.runtime.ConvertedClosure.invokeCustom(ConvertedClosure.java:54) [groovy-all:2.4.7] at org.codehaus.groovy.runtime.ConversionHandler.invoke(ConversionHandler.java:124) [groovy-all:2.4.7] at com.sun.proxy.$Proxy132.handle(Unknown Source) [org.sonatype.nexus.repository:3.2.1.01] at org.sonatype.nexus.repository.view.Context.proceed(Context.java:80) [org.sonatype.nexus.repository:3.2.1.01] at org.sonatype.nexus.repository.view.handlers.TimingHandler.handle(TimingHandler.java:46) [org.sonatype.nexus.repository:3.2.1.01] at org.sonatype.nexus.repository.view.Context.proceed(Context.java:80) [org.sonatype.nexus.repository:3.2.1.01] at org.sonatype.nexus.repository.view.Context.start(Context.java:114) [org.sonatype.nexus.repository:3.2.1.01] at org.sonatype.nexus.repository.view.Router.dispatch(Router.java:63) [org.sonatype.nexus.repository:3.2.1.01] at org.sonatype.nexus.repository.view.ConfigurableViewFacet.dispatch(ConfigurableViewFacet.java:52) [org.sonatype.nexus.repository:3.2.1.01] at org.sonatype.nexus.repository.view.ConfigurableViewFacet.dispatch(ConfigurableViewFacet.java:43) [org.sonatype.nexus.repository:3.2.1.01] at org.sonatype.nexus.repository.httpbridge.internal.ViewServlet.dispatchAndSend(ViewServlet.java:197) [org.sonatype.nexus.plugins.nexus-repository-httpbridge:3.2.1.01] at org.sonatype.nexus.repository.httpbridge.internal.ViewServlet.doService(ViewServlet.java:159) [org.sonatype.nexus.plugins.nexus-repository-httpbridge:3.2.1.01] at org.sonatype.nexus.repository.httpbridge.internal.ViewServlet.service(ViewServlet.java:116) [org.sonatype.nexus.plugins.nexus-repository-httpbridge:3.2.1.01] at javax.servlet.http.HttpServlet.service(HttpServlet.java:790) [javax.servlet-api:3.1.0] at com.google.inject.servlet.ServletDefinition.doServiceImpl(ServletDefinition.java:286) [com.google.inject:4.1.0] at com.google.inject.servlet.ServletDefinition.doService(ServletDefinition.java:276) [com.google.inject:4.1.0] at com.google.inject.servlet.ServletDefinition.service(ServletDefinition.java:181) [com.google.inject:4.1.0] at com.google.inject.servlet.DynamicServletPipeline.service(DynamicServletPipeline.java:71) [com.google.inject:4.1.0] at com.google.inject.servlet.FilterChainInvocation.doFilter(FilterChainInvocation.java:85) [com.google.inject:4.1.0] at org.apache.shiro.web.servlet.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:112) [org.apache.shiro.web:1.3.2] at com.google.inject.servlet.FilterChainInvocation.doFilter(FilterChainInvocation.java:82) [com.google.inject:4.1.0] at org.apache.shiro.web.servlet.ProxiedFilterChain.doFilter(ProxiedFilterChain.java:61) [org.apache.shiro.web:1.3.2] at org.apache.shiro.web.servlet.AdviceFilter.executeChain(AdviceFilter.java:108) [org.apache.shiro.web:1.3.2] at org.apache.shiro.web.servlet.AdviceFilter.doFilterInternal(AdviceFilter.java:137) [org.apache.shiro.web:1.3.2] at org.apache.shiro.web.servlet.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:125) [org.apache.shiro.web:1.3.2] at org.apache.shiro.web.servlet.ProxiedFilterChain.doFilter(ProxiedFilterChain.java:66) [org.apache.shiro.web:1.3.2] at org.apache.shiro.web.servlet.AdviceFilter.executeChain(AdviceFilter.java:108) [org.apache.shiro.web:1.3.2] at org.apache.shiro.web.servlet.AdviceFilter.doFilterInternal(AdviceFilter.java:137) [org.apache.shiro.web:1.3.2] at org.apache.shiro.web.servlet.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:125) [org.apache.shiro.web:1.3.2] at org.apache.shiro.web.servlet.ProxiedFilterChain.doFilter(ProxiedFilterChain.java:66) [org.apache.shiro.web:1.3.2] at org.apache.shiro.web.servlet.AdviceFilter.executeChain(AdviceFilter.java:108) [org.apache.shiro.web:1.3.2] at org.apache.shiro.web.servlet.AdviceFilter.doFilterInternal(AdviceFilter.java:137) [org.apache.shiro.web:1.3.2] at org.apache.shiro.web.servlet.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:125) [org.apache.shiro.web:1.3.2] at org.apache.shiro.web.servlet.ProxiedFilterChain.doFilter(ProxiedFilterChain.java:66) [org.apache.shiro.web:1.3.2] at org.apache.shiro.web.servlet.AbstractShiroFilter.executeChain(AbstractShiroFilter.java:449) [org.apache.shiro.web:1.3.2] at org.sonatype.nexus.security.SecurityFilter.executeChain(SecurityFilter.java:85) [org.sonatype.nexus.security:3.2.1.01] at org.apache.shiro.web.servlet.AbstractShiroFilter$1.call(AbstractShiroFilter.java:365) [org.apache.shiro.web:1.3.2] at org.apache.shiro.subject.support.SubjectCallable.doCall(SubjectCallable.java:90) [org.apache.shiro.core:1.3.2] at org.apache.shiro.subject.support.SubjectCallable.call(SubjectCallable.java:83) [org.apache.shiro.core:1.3.2] at org.apache.shiro.subject.support.DelegatingSubject.execute(DelegatingSubject.java:383) [org.apache.shiro.core:1.3.2] at org.apache.shiro.web.servlet.AbstractShiroFilter.doFilterInternal(AbstractShiroFilter.java:362) [org.apache.shiro.web:1.3.2] at org.sonatype.nexus.security.SecurityFilter.doFilterInternal(SecurityFilter.java:101) [org.sonatype.nexus.security:3.2.1.01] at org.apache.shiro.web.servlet.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:125) [org.apache.shiro.web:1.3.2] at com.google.inject.servlet.FilterChainInvocation.doFilter(FilterChainInvocation.java:82) [com.google.inject:4.1.0]
Diagnosis
Failure to follow the fully advertised Collections.synchronizedList() contract, leading to potential for ConcurrentModificationException.